Challenge Title

:

Non Disturbing Hacking of GETCO website, showing security loopholes and roadmap for correction.

Challenge Description with context

:

Students will try to get access to the GETCO webserver and various application are hosted on GETCO server.

Instructions :

·         Students are allowed only try to access the server

·         Success or failure will be demonstrated to the judges with the logics, steps, tools and technique/process.

·         GETCO IT and Security team will strictly monitor the process.

·         Students will provide as much as details about servers and server platforms.

·         Proof of Access should be provided (on request)

Only URL Links will be provided as a challenge resource  (as under)

1.              www.getco.co.in/

2.              www.getco.co.in/gst/

3.              www.getco.co.in/gicms/

Warning :

·         Students will not make any change (in any case).

·         Judges may ask to put certain data/files to successful candidates as a Proof of Access, until no files/data will be uploaded by the students.

HACK : White Hat Hack (here),

Don’t be notty, Notties will be in jail…!!!

Government websites are always soft target of hackers. Both the success and failure will teach new lessons to all of us 

What Exact Problem is being Solved?

:

Imagine that all the services are hosted on single server.

The server might be behind Hardware and/or software firewall.

Users

:

Server manager

Site manager

IT/Network/Security  managers

Expected Outcomes

:

Impact

:

Student : as an ethical hacker

GETCO IT/security TEAM: first line to last line defence